| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 88380 | 2008-03-25 12:27:00 | ntos.exe virus, HJT log posted, pls help, thank you. | vladmir (13538) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 652731 | 2008-03-27 22:11:00 | Lets get rid of these before you go . It the desktop background . Please download the OTMoveIt by OldTimer ( . bleepingcomputer . com/oldtimer/OTMoveIt2 . exe" target="_blank">download . bleepingcomputer . com) Save it to your desktop . Please double-click OTMoveIt . exe to run it Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy): C:\WINDOWS\system32\badkfetoretgn . bmp C:\WINDOWS\system32\dgfil . bmp C:\WINDOWS\system32\gnadof . bmp C:\WINDOWS\system32\kbahsbqpcjel . bmp Return to OTMoveIt, right click on the "Paste List of Files/Folders to be moved" window and choose Paste . Click the red Moveit! button . Close OTMoveIt If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process . If you are asked to reboot the machine choose Yes . |
Pancake (6359) | ||
| 652732 | 2008-03-28 02:15:00 | log of OT remove: [Custom Input] < C:\WINDOWS\system32\badkfetoretgn.bmp > File/Folder C:\WINDOWS\system32\badkfetoretgn.bmp not found. < C:\WINDOWS\system32\dgfil.bmp > File/Folder C:\WINDOWS\system32\dgfil.bmp not found. < C:\WINDOWS\system32\gnadof.bmp > File/Folder C:\WINDOWS\system32\gnadof.bmp not found. < C:\WINDOWS\system32\kbahsbqpcjel.bmp > File/Folder C:\WINDOWS\system32\kbahsbqpcjel.bmp not found. OTMoveIt2 by OldTimer - Version 1.0.21 log created on 03282008_074231 So i guess nothing was found? BTW, good news! (at least for now) During startup, the wallpaper did NOT revert to the "warning, you have spyware" walpaper! So that means that it is removed,hopefully. Please advice Pancake if you need me to run more scans, just to be sure. Myself, i will be doing full scanning with the antivirus programs that i have installed, one at a time of course! |
vladmir (13538) | ||
| 652733 | 2008-03-28 03:58:00 | I think all the malware has gone . I dont see any more so you should be fine now . . . :thumbs: This will clear away any of the files and folders that were created by ComboFix . Go to : Start > Run then copy and paste the following highlighted text below and click OK . ComboFix /u Just dont forget not to have two anti virus programs installed as they can cause conflicts and slow down your system |
Pancake (6359) | ||
| 652734 | 2008-03-28 05:22:00 | Done uninstalling, thanks so much Pancake! :) And thanks to all the great helpful people on this board for all the great tips, they are much appreciated, Cheers!! |
vladmir (13538) | ||
| 652735 | 2008-03-28 05:38:00 | No problem.Glad to help. | Pancake (6359) | ||
| 1 2 3 4 | |||||